Science and Tech


Democrats' Biggest Cybersecurity Upgrade Is Their New Tech Chief

The Democratic National Committee's chief technology officer has instituted better cybersecurity efforts, encrypted messaging and phishing drills.
Posted at 3:51 PM, Sep 12, 2017

The Democratic National Committee is upping its cybersecurity efforts — and it's getting some help from a former Silicon Valley exec. 

Back in June, the committee hired Raffi Krikorian — a former top engineer at Uber and Twitter — as chief technology officer. Since his hire, Krikorian has instituted better cybersecurity education, end-to-end encrypted messaging platforms and regular email phishing drills. 

The CTO told BuzzFeed he wanted to change the DNC's culture of cybersecurity, as well as "get everyone's guard up." 

Krikorian's hire and new policies come over one year after the DNC created a cybersecurity advisory board. It included former employees from the Department of Homeland Security, Google, Twitter and the Justice Department — but some experts criticized the board for having no hands-on cybersecurity experience.

Beyond upgrading security protocol, Krikorian made sure to emphasize the importance of the changes through top DNC officials. 

At an all-staff meeting, committee Chair Tom Perez announced: "If you're going to talk to me ... you're using Signal. I will not respond otherwise." 

Signal is an encrypted messaging app recommended by security experts, privacy advocates and most notably Edward Snowden. 

The 2016 election spurred other political organizations to turn to encrypted messaging. Encrypted app Wickr is now the primary communication method for the Democratic Congressional Campaign Committee. Some Republicans and members of the Trump administration are using Confide, which has the added benefit of destroying messages after they are read.

But beyond encrypted messaging apps, Krikorian still has one major cybersecurity issue to tackle: unencrypted email.

Compared to just using a new app, encrypting emails is cumbersome and inconvenient — even for experts. For now, this means some political officials are still vulnerable to email breaches.